
Today’s Cyber Threat Level: BLUE / GUARDED
The Cyber Alert Level remains at Blue (Guarded):
On February 5, the Cyber Threat Alert Level was evaluated and remains at Blue (Guarded) due to vulnerabilities in SimpleHelp and Google products. On January 30, the MS-ISAC released an advisory for multiple vulnerabilities in SimpleHelp RMM, the most severe of which could allow for arbitrary code execution.
On February 4, the MS-ISAC released an advisory for multiple vulnerabilities in Google Android OS, the most severe of which could allow for privilege escalation. Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to continue to update their antivirus signatures daily. Another line of defense includes user awareness training regarding the threats posed by attachments and hypertext links contained in emails, especially from untrusted sources.
On January 27, the MS-ISAC released two advisories. The first advisory was for multiple vulnerabilities in Google Chrome, the most severe of which could allow for arbitrary code execution. The second advisory was for a vulnerability in SonicWall Secure Mobile Access (SMA) 1000 Series Appliances that could allow for remote code execution.
On January 22, the Cyber Threat Alert Level was evaluated and remains at Blue (Guarded) due to vulnerabilities in Oracle products. On January 21, the MS-ISAC released an advisory for multiple vulnerabilities in Oracle products, the most severe of which could allow for remote code execution. Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to continue to update their antivirus signatures daily. Another line of defense includes user awareness training regarding the threats posed by attachments and hypertext links contained in emails, especially from untrusted sources.
On January 15, the Cyber Threat Alert Level was evaluated and remains at Blue (Guarded) due to vulnerabilities in Ivanti, SonicWall, Adobe, Microsoft, and Fortinet products.
On January 15, the MS-ISAC released an advisory for multiple vulnerabilities in Rsync, the most severe of which could allow for remote code execution. Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to update their antivirus signatures daily. Another line of defense includes user awareness training regarding the threats posed by attachments and hypertext links contained in emails, especially from untrusted sources.
The Cyber Threat Level indicator displays the current level of malicious cyber activity and indicates the potential for or actual damage. The indicator comprises 5 levels:
Red or Severe Cyber Threat Level
Indicates a severe risk of hacking, viruses, or other malicious activity resulting in widespread outages and/or significantly destructive compromises to systems with no known remedy, or debilitating one or more critical infrastructure sectors. At this level, vulnerabilities are being exploited with severe or widespread damage or disruption of Critical Infrastructure Assets.
Orange or High Level
Indicates a high risk of increased hacking, viruses, or other malicious cyber activity that targets or compromises core infrastructure, causes multiple service outages, multiple system compromises, or compromises critical infrastructure. At this level, vulnerabilities are being exploited with a high level of damage or disruption, or the potential for severe damage or disruption is high.
Yellow or Elevated Level
Indicates a significant risk due to increased hacking, viruses, or malicious activity that compromises systems or diminishes service. At this level, known vulnerabilities are being exploited with a moderate level of damage or disruption, or the potential for significant damage or disruption is high.
Blue or Guarded Cyber Threat Level
Indicates a general risk of increased hacking, viruses, or other malicious activity. The potential exists for malicious cyber activities, but either no known exploits have been identified, or known exploits have been identified but no significant impact has occurred.
Green or Low Cyber Threat Level
Indicates a low risk.
Contact Commonwealth Sentinel to learn more about how the Cyber Threat Level affects your organization and what steps you can take to lower your Level.